Arcjet bot protection

Arcjet bot detection allows you to manage traffic by automated clients and bots.

What is Arcjet?

Arcjet helps developers protect their apps in just a few lines of code. Implement rate limiting, bot protection, email verification & defend against common attacks.

Why configure bot protection?

Bots can be good (such as search engine crawlers or monitoring agents) or bad (such as scrapers or automated scripts). You might also want to allow automated clients access to your API (even though they might seem like bots), but deny access to a signup form. In an ideal world, all bots would respect the robots.txt file, but unfortunately this is not always the case. Arcjet allows you to configure bot protection so you can decide which bots are allowed.

Bot detection realities

It’s impossible to create a system that can block all bots. Good bots identify themselves in a consistent manner so it is straightforward to identify them, but those are often not the bots you wish to block! Bad bots pretend to be real clients and use various mechanisms to evade bot detection.

Arcjet’s bot protect works best when combined with rate limiting. This allows you to block clients that are causing problems whilst minimizing the impact on real users.

Arcjet will help you reduce bot traffic and give you more control over which requests reach your application, but it’s important to understand that it’s not possible to achieve 100% accuracy.